<?php
require_once '../dao/dao_create_account.php';
require_once '../config.php';
require_once '../dao/dao_db.php';
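// Account create/modify handler.
//
// Reads userid, username, gender and the optional newsright checkbox from
// $_POST, and the optional ?method=modify switch from $_GET. Depending on the
// session level it creates a TEACHER account (administrator), creates a
// STUDENT account (teacher), or updates an existing account, then redirects.
//
// Every redirect is followed by exit: header('Location: ...') does not stop
// the script, and a later header('Location: ...') replaces an earlier one.
//
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
// NOTE(review): $username and $gender reach the DAO functions unmodified;
// confirm that dao_create_account.php escapes or binds them before they are
// used in SQL.

// isset()/is_string() guards avoid undefined-index notices and warnings from
// trim() when a field is missing or submitted as an array.
$userid   = (isset($_POST['userid'])   && is_string($_POST['userid']))   ? trim($_POST['userid'])   : '';
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
$gender   = (isset($_POST['gender'])   && is_string($_POST['gender']))   ? $_POST['gender']         : '';
$newsright = !empty($_POST['newsright']) ? 1 : 0;

// Comparison, not assignment: the original modify test used '=' and
// overwrote $_GET['method'].
$is_modify = isset($_GET['method']) && $_GET['method'] === 'modify';

if ($userid == '' || $username == '' || $gender == '') {
	header('Location: ../create_account.php?msg=somethingisnull');
	exit;
}

// NOTE(review): is_numeric() also accepts signs, decimals, exponents and
// (on PHP 5) hex strings. If user ids are plain digit strings, ctype_digit()
// is the tighter check; confirm against existing ids before switching.
if (!is_numeric($userid)) {
	header('Location: ../create_account.php?msg=useridisnotanumeric');
	exit;
}

// Resolve the caller's role before any database lookup, so a request without
// a valid session cannot use the "userexist" answer to probe which ids exist.
session_start();
$level = isset($_SESSION['level']) ? $_SESSION['level'] : null;
// The explicit null test keeps a missing level from loosely matching a role
// constant (null == 0 is true in PHP).
$is_admin   = $level !== null && $level == ADMINISTRATOR;
$is_teacher = $level !== null && $level == TEACHER;

if ($is_modify) {
	if ($is_admin) {
		if (!is_exist($userid)) {
			mysql_close();
			header('Location: ../error.php?errcode=1');
			exit;
		}
		update_account($userid, $username, $gender, $newsright);
		mysql_close();
	} elseif ($is_teacher) {
		// NOTE(review): nothing here checks that $userid exists or belongs to
		// this teacher; presumably update_account() enforces that. Confirm.
		update_account($userid, $username, $gender, '');
		mysql_close();
	} else {
		// The original fell through to the teacher_manage.php redirect below,
		// which replaced this Location header.
		header('Location: ../login.php');
		exit;
	}
	header('Location: ../teacher_manage.php');
	exit;
}

// Create account.
if (!$is_admin && !$is_teacher) {
	header('Location: ../error.php?errcode=1');
	exit;
}

if (is_exist($userid)) { // userid exists
	mysql_close();
	header('Location: ../create_account.php?msg=userexist');
	exit;
}

if ($is_admin) {
	// Administrators create teacher accounts; the new id is also passed as
	// the fifth argument, as in the original call.
	create_account($userid, $username, $gender, TEACHER, $userid, $newsright);
	$next = '../teacher_manage.php';
} else {
	// Teachers create student accounts tied to the teacher's own session
	// userid, with newsright forced to 0.
	create_account($userid, $username, $gender, STUDENT, $_SESSION['userid'], 0);
	$next = '../student_manage.php';
}
mysql_close();
header('Location: ' . $next);
exit;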
?>